Vraag & Antwoord
topsearch10
17 antwoorden
- ik heb lastt van bovenstaand programma
kan momenteel niet te veel typen, sorry
hoe krijg ik dit weg! - oh en Search & Destroy haalt het dus niet weg…
telkens als ik een explorer scherm opstart krijg ik tig van die schermen van topsearch10..
vriendelijk bedankt! - copier de volgende code:
[code:1:cd17b60b0a]
regedit /e C:\run..txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
start C:\run.txt[/code:1:cd17b60b0a]
Plak dit in notepad en sla het op als [b:cd17b60b0a]run.bat[/b:cd17b60b0a]
Opslaan als type: [b:cd17b60b0a]Alle bestanden[/b:cd17b60b0a]
Start run.bat en post de inhoud. - hij kan het document run.txt niet vinden zegt ie
- heb en typo gemaakt. Je hebt waarschijnlijk W98
[code:1:85b316e96d]
regedit /e C:\run.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
notepad C:\run.txt[/code:1:85b316e96d]
opslaan als run.bat en starten
maakt een C:\run.txt aan die automatisch wordt getoond. - indows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe"
"QuickTime Task"=""C:\\Program Files\\QuickTime\\qttask.exe" -atboottime"
"eabconfg.cpl"="C:\\Program Files\\HPQ\\Quick Launch Buttons\\EabServr.exe /Start"
"UpdateManager"=""C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe" /r"
"HPHUPD05"="c:\\Program Files\\Hewlett-Packard\\{45B6180B-DCAB-4093-8EE8-6164457517F0}\\hphupd05.exe"
"HP Software Update"=""c:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd.exe""
"HPHmon05"="C:\\WINDOWS\\System32\\hphmon05.exe"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Program Files\\Google\\Gmail Notifier\\gnotify.exe"
"ccApp"=""C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"AVG7_EMC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe"
"WebSearch"="C:\\WINDOWS\\System32\\WebSrch2.exe"
dank je! - xp trouwens
- Maak een scan met microworld http://www.mwti.net/antivirus/mwav.asp
post het resultaat tesamen met een hijackthislog - hijack this voor scan
Logfile of HijackThis v1.99.1
Scan saved at 13:19:26, on 29-4-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\WebSrch2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\boom\Local Settings\Temporary Internet Files\Content.IE5\61JSLWRA\HijackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.computertotaal.nl/phpBB/viewtopic.php?p=966351
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O1 - Hosts: om #[Adware.Searchforit]
O1 - Hosts: 127.0.27.0.0.1 stx7.sextracker.com
O1 - Hosts: 127.0..sextracker.com
O1 - Hosts: om #[Adware.Searchforit]
O1 - Hosts: 127.0.27.0.0.1 stx7.sextracker.com
O1 - Hosts: 127.0..sextracker.com
O1 - Hosts: om #[Adware.Searchforit]
O1 - Hosts: 127.0.27.0.0.1 stx7.sextracker.com
O1 - Hosts: 127.0..sextracker.com
O1 - Hosts: om #[Adware.Searchforit]
O1 - Hosts: com
O1 - Hosts: com
O1 - Hosts: 127.0.0.
O1 - Hosts: er.com
O1 - Hosts: er.com
O1 - Hosts: er.com
O1 - Hosts: 127.0
O1 - Hosts: m
O1 - Hosts: izer.com
O1 - Hosts: m
O1 - Hosts: izer.com
O1 - Hosts: 127.0.0.
O1 - Hosts: com
O1 - Hosts: com
O1 - Hosts: optimizer.com
O1 - Hosts: .i-lookup.com
O1 - Hosts: com
O1 - Hosts: optimizer.com
O1 - Hosts: 127.0.0.
O1 - Hosts: olbar.com
O1 - Hosts: et-optimizer.com
O1 - Hosts: olbar.com
O1 - Hosts: et-optimizer.com
O1 - Hosts: 127
O1 - Hosts: chtoolbar.com
O1 - Hosts: ernet-optimizer.com
O1 - Hosts: chtoolbar.com
O1 - Hosts: ernet-optimizer.com
O1 - Hosts: 127.0.0.
O1 - Hosts: nternet-optimizer.com
O1 - Hosts: 127.0.0.om.edgesuite.net
O1 - Hosts: nternet-optimizer.com
O1 - Hosts: .internet-optimizer.com
O1 - Hosts: .internet-optimizer.com
O1 - Hosts: w.internet-optimizer.com
O1 - Hosts: w.internet-optimizer.com
O1 - Hosts: m
O1 - Hosts: w.internet-optimizer.com
O1 - Hosts: m
O1 - Hosts: w.internet-optimizer.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\MICROS~1.NET\imginfo.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8E13DDE1-E013-47ec-9C4C-27C2F78BDD26} - C:\WINDOWS\System32\req.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [WebSearch] C:\WINDOWS\System32\WebSrch2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c11.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E2D6932-3885-4FA2-8DD4-DB63FFE33797} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkCnv.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} - http://dialxs.nl/install/dialxs.ocx
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697517} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_aac.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O20 - Winlogon Notify: imginfo - C:\WINDOWS\MICROS~1.NET\imginfo.dll
O20 - Winlogon Notify: req - C:\WINDOWS\System32\req.dll (file missing)
O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe - Heb je Norton Antivirus of AVG al eens gedraaid? want er zit nog al wat virussen en spyware- programma's op je pc als Internet Optimalizer, Web search en DialXS
Probeer eens Hitman Pro en nog wat, zet je HijackThis in een aparte folder en niet in tijdelijke internetbestanden omdat HijackThis back-ups maakt! Dus bijv. C:\Program Files\HijackThis
Post na deze actie weer een nieuwe log! - Fri Apr 29 13:24:29 2005 => **********************************************************
Fri Apr 29 13:24:29 2005 => MicroWorld AntiVirus Toolkit Utility.
Fri Apr 29 13:24:29 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Fri Apr 29 13:24:29 2005 => **********************************************************
Fri Apr 29 13:24:29 2005 => Version 6.1.2 (C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com)
Fri Apr 29 13:24:29 2005 => Log File: C:\DOCUME~1\boom\LOCALS~1\Temp\MWAV.LOG
Fri Apr 29 13:24:29 2005 => MWAV Registered: FALSE.
Fri Apr 29 13:24:29 2005 => MWAV Mode: Only Scan files.
Fri Apr 29 13:24:31 2005 => Latest Date of files inside MWAV: 28 Apr 2005 15:45:44.
Fri Apr 29 13:24:41 2005 => AV Library Loaded…
Fri Apr 29 13:24:42 2005 => MWAV doing self scanning…
Fri Apr 29 13:24:42 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.exe
Fri Apr 29 13:24:42 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\Getvlist.exe
Fri Apr 29 13:24:43 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.dll
Fri Apr 29 13:24:43 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssdi.dll
Fri Apr 29 13:24:43 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssi.dll
Fri Apr 29 13:24:43 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavvlg.dll
Fri Apr 29 13:24:44 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\msvlclnt.dll
Fri Apr 29 13:24:44 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\ipc.dll
Fri Apr 29 13:24:44 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\main.avi
Fri Apr 29 13:24:44 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\virus.avi
Fri Apr 29 13:24:44 2005 => MWAV files are clean.
Fri Apr 29 13:24:54 2005 => Virus Database Date: 2005/04/28
Fri Apr 29 13:24:54 2005 => Virus Database Count: 127611
Fri Apr 29 13:25:17 2005 => **********************************************************
Fri Apr 29 13:25:17 2005 => MicroWorld AntiVirus Toolkit Utility.
Fri Apr 29 13:25:17 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Fri Apr 29 13:25:17 2005 =>
Fri Apr 29 13:25:17 2005 => Support: support@mwti.net
Fri Apr 29 13:25:17 2005 => Web: http://www.mwti.net
Fri Apr 29 13:25:17 2005 => **********************************************************
Fri Apr 29 13:25:17 2005 => Version 6.1.2 (C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com)
Fri Apr 29 13:25:17 2005 => Log File: C:\DOCUME~1\boom\LOCALS~1\Temp\MWAV.LOG
Fri Apr 29 13:25:17 2005 => User Account: boom
Fri Apr 29 13:25:17 2005 => Windows Root Folder: C:\WINDOWS
Fri Apr 29 13:25:17 2005 => Windows Sys32 Folder: C:\WINDOWS\system32
Fri Apr 29 13:25:17 2005 => OS: Windows NT
Fri Apr 29 13:25:18 2005 => Latest Date of files inside MWAV: 28 Apr 2005 15:45:44.
Fri Apr 29 13:25:20 2005 => Options Selected by User:
Fri Apr 29 13:25:20 2005 => Memory Check: Enabled
Fri Apr 29 13:25:20 2005 => Registry Check: Enabled
Fri Apr 29 13:25:20 2005 => StartUp Folder Check: Enabled
Fri Apr 29 13:25:20 2005 => System Folder Check: Enabled
Fri Apr 29 13:25:20 2005 => System Area Check: Disabled
Fri Apr 29 13:25:20 2005 => Services Check: Enabled
Fri Apr 29 13:25:20 2005 => Drive Check: Disabled
Fri Apr 29 13:25:20 2005 => All Drive Check :Enabled
Fri Apr 29 13:25:20 2005 => Folder Check: Disabled
Fri Apr 29 13:25:23 2005 => ***** Scanning Memory Files *****
Fri Apr 29 13:25:23 2005 => Scanning File C:\WINDOWS\System32\smss.exe
Fri Apr 29 13:25:23 2005 => Scanning File C:\WINDOWS\system32\ntdll.dll
Fri Apr 29 13:25:24 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Fri Apr 29 13:25:24 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Fri Apr 29 13:25:24 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll
Fri Apr 29 13:25:24 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll
Fri Apr 29 13:25:25 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll
Fri Apr 29 13:25:26 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Fri Apr 29 13:25:28 2005 => Scanning File C:\WINDOWS\system32\USER32.dll
Fri Apr 29 13:25:29 2005 => Scanning File C:\WINDOWS\system32\sxs.dll
Fri Apr 29 13:25:30 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Fri Apr 29 13:25:31 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Fri Apr 29 13:25:32 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Fri Apr 29 13:25:32 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll
Fri Apr 29 13:25:32 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Fri Apr 29 13:25:34 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Fri Apr 29 13:25:34 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Fri Apr 29 13:25:34 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Fri Apr 29 13:25:35 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Fri Apr 29 13:25:36 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Fri Apr 29 13:25:36 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Fri Apr 29 13:25:36 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Fri Apr 29 13:25:37 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll
Fri Apr 29 13:25:38 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Fri Apr 29 13:25:38 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Fri Apr 29 13:25:39 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll
Fri Apr 29 13:25:39 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Fri Apr 29 13:25:41 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Fri Apr 29 13:25:41 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Fri Apr 29 13:25:42 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Fri Apr 29 13:25:42 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Fri Apr 29 13:25:43 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Fri Apr 29 13:25:43 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Fri Apr 29 13:25:45 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Fri Apr 29 13:25:47 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Fri Apr 29 13:25:48 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Fri Apr 29 13:25:49 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Fri Apr 29 13:25:49 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Fri Apr 29 13:25:50 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Fri Apr 29 13:25:52 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll
Fri Apr 29 13:25:53 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Fri Apr 29 13:25:53 2005 => Scanning File C:\WINDOWS\system32\sfc.dll
Fri Apr 29 13:25:53 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Fri Apr 29 13:25:54 2005 => Scanning File C:\WINDOWS\system32\ole32.dll
Fri Apr 29 13:25:55 2005 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
Fri Apr 29 13:25:55 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Fri Apr 29 13:25:56 2005 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Fri Apr 29 13:25:56 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll
Fri Apr 29 13:25:57 2005 => Scanning File C:\WINDOWS\system32\SYNCOR11.DLL
Fri Apr 29 13:25:57 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
Fri Apr 29 13:25:58 2005 => Scanning File C:\WINDOWS\MICROS~1.NET\imginfo.dll
Fri Apr 29 13:25:59 2005 => Scanning File C:\WINDOWS\system32\shfolder.dll
Fri Apr 29 13:25:59 2005 => Scanning File C:\WINDOWS\system32\wininet.dll
Fri Apr 29 13:26:00 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Fri Apr 29 13:26:01 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll
Fri Apr 29 13:26:01 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll
Fri Apr 29 13:26:02 2005 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Fri Apr 29 13:26:02 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Fri Apr 29 13:26:03 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Fri Apr 29 13:26:03 2005 => Scanning File C:\WINDOWS\system32\MPR.dll
Fri Apr 29 13:26:03 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Fri Apr 29 13:26:04 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Fri Apr 29 13:26:04 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Fri Apr 29 13:26:05 2005 => Scanning File C:\WINDOWS\system32\RASAPI32.dll
Fri Apr 29 13:26:05 2005 => Scanning File C:\WINDOWS\system32\rasman.dll
Fri Apr 29 13:26:06 2005 => Scanning File C:\WINDOWS\system32\TAPI32.dll
Fri Apr 29 13:26:06 2005 => Scanning File C:\WINDOWS\system32\rtutils.dll
Fri Apr 29 13:26:06 2005 => Scanning File C:\WINDOWS\system32\cscui.dll
Fri Apr 29 13:26:07 2005 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Fri Apr 29 13:26:20 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll
Fri Apr 29 13:26:20 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Fri Apr 29 13:26:20 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Fri Apr 29 13:26:21 2005 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
Fri Apr 29 13:26:21 2005 => Scanning File C:\WINDOWS\system32\wdmaud.drv
Fri Apr 29 13:26:21 2005 => Scanning File C:\WINDOWS\system32\msacm32.drv
Fri Apr 29 13:26:22 2005 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Fri Apr 29 13:26:22 2005 => Scanning File C:\WINDOWS\system32\midimap.dll
Fri Apr 29 13:26:22 2005 => Scanning File C:\WINDOWS\system32\services.exe
Fri Apr 29 13:26:22 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Fri Apr 29 13:26:23 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Fri Apr 29 13:26:24 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Fri Apr 29 13:26:24 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Fri Apr 29 13:26:25 2005 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Fri Apr 29 13:26:25 2005 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Fri Apr 29 13:26:27 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll
Fri Apr 29 13:26:27 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Apr 29 13:26:28 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Fri Apr 29 13:26:28 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Fri Apr 29 13:26:28 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Fri Apr 29 13:26:29 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Fri Apr 29 13:26:29 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Fri Apr 29 13:26:29 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll
Fri Apr 29 13:26:30 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll
Fri Apr 29 13:26:30 2005 => Scanning File C:\WINDOWS\system32\netlogon.dll
Fri Apr 29 13:26:31 2005 => Scanning File C:\WINDOWS\system32\w32time.dll
Fri Apr 29 13:26:31 2005 => Scanning File C:\WINDOWS\system32\schannel.dll
Fri Apr 29 13:26:31 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll
Fri Apr 29 13:26:32 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Fri Apr 29 13:26:32 2005 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
Fri Apr 29 13:26:33 2005 => Scanning File C:\WINDOWS\system32\oakley.DLL
Fri Apr 29 13:26:33 2005 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
Fri Apr 29 13:26:34 2005 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Fri Apr 29 13:26:34 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll
Fri Apr 29 13:26:34 2005 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Fri Apr 29 13:26:35 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Fri Apr 29 13:26:35 2005 => Scanning File C:\WINDOWS\system32\psbase.dll
Fri Apr 29 13:26:36 2005 => Scanning File C:\WINDOWS\system32\dssenh.dll
Fri Apr 29 13:26:36 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Apr 29 13:26:36 2005 => Scanning File c:\windows\system32\rpcss.dll
Fri Apr 29 13:26:37 2005 => Scanning File c:\windows\system32\termsrv.dll
Fri Apr 29 13:26:38 2005 => Scanning File c:\windows\system32\ICAAPI.dll
Fri Apr 29 13:26:38 2005 => Scanning File c:\windows\system32\mstlsapi.dll
Fri Apr 29 13:26:38 2005 => Scanning File c:\windows\system32\ACTIVEDS.dll
Fri Apr 29 13:26:39 2005 => Scanning File c:\windows\system32\adsldpc.dll
Fri Apr 29 13:26:39 2005 => Scanning File c:\windows\system32\ATL.DLL
Fri Apr 29 13:26:40 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll
Fri Apr 29 13:26:40 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Fri Apr 29 13:26:40 2005 => Scanning File c:\windows\system32\dhcpcsvc.dll
Fri Apr 29 13:26:40 2005 => Scanning File c:\windows\system32\wzcsvc.dll
Fri Apr 29 13:26:41 2005 => Scanning File c:\windows\system32\WMI.dll
Fri Apr 29 13:26:41 2005 => Scanning File c:\windows\system32\ESENT.dll
Fri Apr 29 13:26:42 2005 => Scanning File C:\WINDOWS\System32\rastls.dll
Fri Apr 29 13:26:42 2005 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Fri Apr 29 13:26:44 2005 => Scanning File C:\WINDOWS\System32\MPRAPI.dll
Fri Apr 29 13:26:44 2005 => Scanning File C:\WINDOWS\System32\raschap.dll
Fri Apr 29 13:26:44 2005 => Scanning File c:\windows\system32\schedsvc.dll
Fri Apr 29 13:26:44 2005 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
Fri Apr 29 13:26:45 2005 => Scanning File c:\windows\system32\audiosrv.dll
Fri Apr 29 13:26:45 2005 => Scanning File c:\windows\system32\wkssvc.dll
Fri Apr 29 13:26:45 2005 => Scanning File c:\windows\system32\qmgr.dll
Fri Apr 29 13:26:46 2005 => Scanning File c:\windows\system32\WINHTTP.dll
Fri Apr 29 13:26:47 2005 => Scanning File c:\windows\system32\cryptsvc.dll
Fri Apr 29 13:26:47 2005 => Scanning File c:\windows\system32\certcli.dll
Fri Apr 29 13:26:48 2005 => Scanning File c:\windows\system32\ersvc.dll
Fri Apr 29 13:26:48 2005 => Scanning File c:\windows\system32\es.dll
Fri Apr 29 13:26:48 2005 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Fri Apr 29 13:26:48 2005 => Scanning File c:\windows\system32\srvsvc.dll
Fri Apr 29 13:26:49 2005 => Scanning File c:\windows\system32\netman.dll
Fri Apr 29 13:26:50 2005 => Scanning File c:\windows\system32\netshell.dll
Fri Apr 29 13:26:51 2005 => Scanning File c:\windows\system32\credui.dll
Fri Apr 29 13:26:52 2005 => Scanning File c:\windows\system32\WZCSAPI.DLL
Fri Apr 29 13:26:52 2005 => Scanning File c:\windows\system32\seclogon.dll
Fri Apr 29 13:26:52 2005 => Scanning File c:\windows\system32\sens.dll
Fri Apr 29 13:26:52 2005 => Scanning File c:\windows\system32\srsvc.dll
Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\POWRPROF.dll
Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\trkwks.dll
Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\browser.dll
Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\wuauserv.dll
Fri Apr 29 13:26:53 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Fri Apr 29 13:26:54 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Fri Apr 29 13:26:54 2005 => Scanning File C:\WINDOWS\system32\wuaueng.dll
Fri Apr 29 13:26:56 2005 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
Fri Apr 29 13:26:56 2005 => Scanning File C:\WINDOWS\System32\Cabinet.dll
Fri Apr 29 13:26:57 2005 => Scanning File C:\WINDOWS\System32\mspatcha.dll
Fri Apr 29 13:26:57 2005 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Fri Apr 29 13:26:58 2005 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
Fri Apr 29 13:26:58 2005 => Scanning File C:\WINDOWS\system32\colbact.DLL
Fri Apr 29 13:26:58 2005 => Scanning File C:\WINDOWS\System32\CLUSAPI.DLL
Fri Apr 29 13:26:59 2005 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL
Fri Apr 29 13:26:59 2005 => Scanning File c:\windows\system32\ipnathlp.dll
Fri Apr 29 13:27:00 2005 => Scanning File c:\windows\system32\wscsvc.dll
Fri Apr 29 13:27:00 2005 => Scanning File c:\windows\system32\msi.dll
Fri Apr 29 13:27:00 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemcomn.dll
Fri Apr 29 13:27:01 2005 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
Fri Apr 29 13:27:02 2005 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
Fri Apr 29 13:27:02 2005 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
Fri Apr 29 13:27:04 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
Fri Apr 29 13:27:04 2005 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
Fri Apr 29 13:27:05 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
Fri Apr 29 13:27:05 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
Fri Apr 29 13:27:06 2005 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll
Fri Apr 29 13:27:06 2005 => Scanning File C:\WINDOWS\System32\netcfgx.dll
Fri Apr 29 13:27:07 2005 => Scanning File c:\windows\system32\tapisrv.dll
Fri Apr 29 13:27:08 2005 => Scanning File c:\windows\system32\rasmans.dll
Fri Apr 29 13:27:08 2005 => Scanning File C:\WINDOWS\System32\rastapi.dll
Fri Apr 29 13:27:08 2005 => Scanning File C:\WINDOWS\System32\unimdm.tsp
Fri Apr 29 13:27:09 2005 => Scanning File C:\WINDOWS\System32\uniplat.dll
Fri Apr 29 13:27:09 2005 => Scanning File C:\WINDOWS\System32\unimdmat.dll
Fri Apr 29 13:27:09 2005 => Scanning File C:\WINDOWS\system32\modemui.dll
Fri Apr 29 13:27:10 2005 => Scanning File C:\WINDOWS\System32\kmddsp.tsp
Fri Apr 29 13:27:10 2005 => Scanning File C:\WINDOWS\System32\ndptsp.tsp
Fri Apr 29 13:27:10 2005 => Scanning File C:\WINDOWS\System32\ipconf.tsp
Fri Apr 29 13:27:10 2005 => Scanning File C:\WINDOWS\System32\h323.tsp
Fri Apr 29 13:27:11 2005 => Scanning File C:\WINDOWS\System32\hidphone.tsp
Fri Apr 29 13:27:11 2005 => Scanning File C:\WINDOWS\System32\HID.DLL
Fri Apr 29 13:27:12 2005 => Scanning File C:\WINDOWS\System32\rasppp.dll
Fri Apr 29 13:27:12 2005 => Scanning File C:\WINDOWS\System32\ntlsapi.dll
Fri Apr 29 13:27:12 2005 => Scanning File c:\windows\system32\rasauto.dll
Fri Apr 29 13:27:13 2005 => Scanning File C:\WINDOWS\System32\icmp.dll
Fri Apr 29 13:27:13 2005 => Scanning File C:\WINDOWS\system32\upnphost.dll
Fri Apr 29 13:27:13 2005 => Scanning File C:\WINDOWS\system32\SSDPAPI.dll
Fri Apr 29 13:27:13 2005 => Scanning File C:\WINDOWS\System32\RASDLG.dll
Fri Apr 29 13:27:15 2005 => Scanning File C:\WINDOWS\System32\upnp.dll
Fri Apr 29 13:27:15 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemsvc.dll
Fri Apr 29 13:27:16 2005 => Scanning File C:\WINDOWS\System32\wuapi.dll
Fri Apr 29 13:27:17 2005 => Scanning File C:\WINDOWS\System32\mlang.dll
Fri Apr 29 13:27:18 2005 => Scanning File C:\WINDOWS\System32\xmlprovi.dll
Fri Apr 29 13:27:18 2005 => Scanning File c:\windows\system32\dnsrslvr.dll
Fri Apr 29 13:27:18 2005 => Scanning File c:\windows\system32\lmhsvc.dll
Fri Apr 29 13:27:18 2005 => Scanning File c:\windows\system32\webclnt.dll
Fri Apr 29 13:27:18 2005 => Scanning File c:\windows\system32\ssdpsrv.dll
Fri Apr 29 13:27:19 2005 => Scanning File C:\WINDOWS\System32\msxml3.dll
Fri Apr 29 13:27:19 2005 => Scanning File C:\WINDOWS\System32\httpapi.dll
Fri Apr 29 13:27:20 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Fri Apr 29 13:27:20 2005 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Fri Apr 29 13:27:20 2005 => Scanning File C:\WINDOWS\system32\localspl.dll
Fri Apr 29 13:27:21 2005 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Fri Apr 29 13:27:21 2005 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Fri Apr 29 13:27:21 2005 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Fri Apr 29 13:27:21 2005 => Scanning File C:\WINDOWS\system32\usbmon.dll
Fri Apr 29 13:27:22 2005 => Scanning File C:\WINDOWS\system32\win32spl.dll
Fri Apr 29 13:27:22 2005 => Scanning File C:\WINDOWS\system32\NETRAP.dll
Fri Apr 29 13:27:22 2005 => Scanning File C:\WINDOWS\system32\inetpp.dll
Fri Apr 29 13:27:22 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Fri Apr 29 13:27:26 2005 => Scanning File C:\WINDOWS\system32\MSVCP71.dll
Fri Apr 29 13:27:29 2005 => Scanning File C:\WINDOWS\system32\MSVCR71.dll
Fri Apr 29 13:39:34 2005 => **********************************************************
Fri Apr 29 13:39:35 2005 => MicroWorld AntiVirus Toolkit Utility.
Fri Apr 29 13:39:35 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Fri Apr 29 13:39:35 2005 => **********************************************************
Fri Apr 29 13:39:35 2005 => Version 6.1.2 (C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com)
Fri Apr 29 13:39:35 2005 => Log File: C:\DOCUME~1\boom\LOCALS~1\Temp\MWAV.LOG
Fri Apr 29 13:39:35 2005 => Last Scan Date and Time: 29.04.2005 13:25:18
Fri Apr 29 13:39:35 2005 => MWAV Registered: FALSE.
Fri Apr 29 13:39:35 2005 => MWAV Mode: Only Scan files.
Fri Apr 29 13:39:38 2005 => Latest Date of files inside MWAV: 28 Apr 2005 15:45:44.
Fri Apr 29 13:39:54 2005 => AV Library Loaded…
Fri Apr 29 13:39:54 2005 => MWAV doing self scanning…
Fri Apr 29 13:39:54 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.exe
Fri Apr 29 13:39:54 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\Getvlist.exe
Fri Apr 29 13:39:54 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.dll
Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssdi.dll
Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssi.dll
Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavvlg.dll
Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\msvlclnt.dll
Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\ipc.dll
Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\main.avi
Fri Apr 29 13:39:55 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\virus.avi
Fri Apr 29 13:39:55 2005 => MWAV files are clean.
Fri Apr 29 13:40:04 2005 => Virus Database Date: 2005/04/28
Fri Apr 29 13:40:04 2005 => Virus Database Count: 127611
Fri Apr 29 13:40:14 2005 => **********************************************************
Fri Apr 29 13:40:14 2005 => MicroWorld AntiVirus Toolkit Utility.
Fri Apr 29 13:40:14 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc.
Fri Apr 29 13:40:14 2005 =>
Fri Apr 29 13:40:14 2005 => Support: support@mwti.net
Fri Apr 29 13:40:14 2005 => Web: http://www.mwti.net
Fri Apr 29 13:40:14 2005 => **********************************************************
Fri Apr 29 13:40:14 2005 => Version 6.1.2 (C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com)
Fri Apr 29 13:40:14 2005 => Log File: C:\DOCUME~1\boom\LOCALS~1\Temp\MWAV.LOG
Fri Apr 29 13:40:14 2005 => User Account: boom
Fri Apr 29 13:40:14 2005 => Windows Root Folder: C:\WINDOWS
Fri Apr 29 13:40:14 2005 => Windows Sys32 Folder: C:\WINDOWS\system32
Fri Apr 29 13:40:14 2005 => OS: Windows NT
Fri Apr 29 13:40:14 2005 => Latest Date of files inside MWAV: 28 Apr 2005 15:45:44.
Fri Apr 29 13:40:14 2005 => Options Selected by User:
Fri Apr 29 13:40:14 2005 => Memory Check: Enabled
Fri Apr 29 13:40:14 2005 => Registry Check: Enabled
Fri Apr 29 13:40:14 2005 => StartUp Folder Check: Enabled
Fri Apr 29 13:40:14 2005 => System Folder Check: Enabled
Fri Apr 29 13:40:14 2005 => System Area Check: Disabled
Fri Apr 29 13:40:14 2005 => Services Check: Enabled
Fri Apr 29 13:40:14 2005 => Drive Check Option Disabled
Fri Apr 29 13:40:14 2005 => Folder Check: Disabled
Fri Apr 29 13:40:14 2005 => ***** Scanning Memory Files *****
Fri Apr 29 13:40:14 2005 => Scanning File C:\WINDOWS\System32\smss.exe
Fri Apr 29 13:40:14 2005 => Scanning File C:\WINDOWS\system32\ntdll.dll
Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\basesrv.dll
Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\winsrv.dll
Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\GDI32.dll
Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Fri Apr 29 13:40:15 2005 => Scanning File C:\WINDOWS\system32\USER32.dll
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\sxs.dll
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\VERSION.dll
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Fri Apr 29 13:40:16 2005 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\USERENV.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\Secur32.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Fri Apr 29 13:40:17 2005 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Fri Apr 29 13:40:18 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\odbcint.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\sfc.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Fri Apr 29 13:40:19 2005 => Scanning File C:\WINDOWS\system32\ole32.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\WINMM.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\SYNCOR11.DLL
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\MICROS~1.NET\imginfo.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\shfolder.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\wininet.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\wsock32.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\urlmon.dll
Fri Apr 29 13:40:20 2005 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\MPR.dll
Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\cscui.dll
Fri Apr 29 13:40:21 2005 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\COMRes.dll
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\wdmaud.drv
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\msacm32.drv
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\midimap.dll
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\services.exe
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Fri Apr 29 13:40:22 2005 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\eventlog.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\msprivs.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\kerberos.dll
Fri Apr 29 13:40:23 2005 => Scanning File C:\WINDOWS\system32\netlogon.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\w32time.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\schannel.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\wdigest.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\oakley.DLL
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\mswsock.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\dssenh.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\psbase.dll
Fri Apr 29 13:40:24 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Apr 29 13:40:24 2005 => Scanning File c:\windows\system32\rpcss.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\termsrv.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\ICAAPI.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\mstlsapi.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\ACTIVEDS.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\adsldpc.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\ATL.DLL
Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\System32\winrnr.dll
Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\dhcpcsvc.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\wzcsvc.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\rtutils.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\WMI.dll
Fri Apr 29 13:40:25 2005 => Scanning File c:\windows\system32\ESENT.dll
Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\System32\rastls.dll
Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Fri Apr 29 13:40:25 2005 => Scanning File C:\WINDOWS\System32\MPRAPI.dll
Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\RASAPI32.dll
Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\rasman.dll
Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\TAPI32.dll
Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\raschap.dll
Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\schedsvc.dll
Fri Apr 29 13:40:26 2005 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\audiosrv.dll
Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\wkssvc.dll
Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\qmgr.dll
Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\WINHTTP.dll
Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\cryptsvc.dll
Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\certcli.dll
Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\ersvc.dll
Fri Apr 29 13:40:26 2005 => Scanning File c:\windows\system32\es.dll
Fri Apr 29 13:40:27 2005 => Scanning File c:\windows\pchealth\helpctr\binaries\pchsvc.dll
Fri Apr 29 13:40:27 2005 => Scanning File c:\windows\system32\srvsvc.dll
Fri Apr 29 13:40:27 2005 => Scanning File c:\windows\system32\netman.dll
Fri Apr 29 13:40:27 2005 => Scanning File c:\windows\system32\netshell.dll
Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\credui.dll
Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\WZCSAPI.DLL
Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\seclogon.dll
Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\sens.dll
Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\srsvc.dll
Fri Apr 29 13:40:28 2005 => Scanning File c:\windows\system32\POWRPROF.dll
Fri Apr 29 13:40:29 2005 => Scanning File c:\windows\system32\trkwks.dll
Fri Apr 29 13:40:29 2005 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Fri Apr 29 13:40:29 2005 => Scanning File c:\windows\system32\browser.dll
Fri Apr 29 13:40:29 2005 => Scanning File c:\windows\system32\wuauserv.dll
Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\wuaueng.dll
Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\System32\Cabinet.dll
Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\System32\mspatcha.dll
Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\system32\colbact.DLL
Fri Apr 29 13:40:29 2005 => Scanning File C:\WINDOWS\System32\CLUSAPI.DLL
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\RESUTILS.DLL
Fri Apr 29 13:40:30 2005 => Scanning File c:\windows\system32\ipnathlp.dll
Fri Apr 29 13:40:30 2005 => Scanning File c:\windows\system32\wscsvc.dll
Fri Apr 29 13:40:30 2005 => Scanning File c:\windows\system32\msi.dll
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemcomn.dll
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\Wbem\wbemcore.dll
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\Wbem\esscli.dll
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\Wbem\FastProx.dll
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiutils.dll
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\repdrvfs.dll
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiprvsd.dll
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemess.dll
Fri Apr 29 13:40:30 2005 => Scanning File C:\WINDOWS\System32\wbem\ncprov.dll
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\netcfgx.dll
Fri Apr 29 13:40:31 2005 => Scanning File c:\windows\system32\tapisrv.dll
Fri Apr 29 13:40:31 2005 => Scanning File c:\windows\system32\rasmans.dll
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\rastapi.dll
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\unimdm.tsp
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\uniplat.dll
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\unimdmat.dll
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\system32\modemui.dll
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\kmddsp.tsp
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\ndptsp.tsp
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\ipconf.tsp
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\h323.tsp
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\hidphone.tsp
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\HID.DLL
Fri Apr 29 13:40:31 2005 => Scanning File C:\WINDOWS\System32\rasppp.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\ntlsapi.dll
Fri Apr 29 13:40:32 2005 => Scanning File c:\windows\system32\rasauto.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\icmp.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\system32\upnphost.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\system32\SSDPAPI.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\RASDLG.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\upnp.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\wups.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemsvc.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\msxml3.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\mlang.dll
Fri Apr 29 13:40:32 2005 => Scanning File C:\WINDOWS\System32\xmlprovi.dll
Fri Apr 29 13:40:32 2005 => Scanning File c:\windows\system32\dnsrslvr.dll
Fri Apr 29 13:40:32 2005 => Scanning File c:\windows\system32\lmhsvc.dll
Fri Apr 29 13:40:32 2005 => Scanning File c:\windows\system32\webclnt.dll
Fri Apr 29 13:40:33 2005 => Scanning File c:\windows\system32\ssdpsrv.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\System32\httpapi.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\udhisapi.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\localspl.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\usbmon.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\win32spl.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\NETRAP.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\inetpp.dll
Fri Apr 29 13:40:33 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Fri Apr 29 13:40:33 2005 => Scanning File C:\WINDOWS\system32\MSVCP71.dll
Fri Apr 29 13:40:34 2005 => Scanning File C:\WINDOWS\system32\MSVCR71.dll
Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avglog.dll
Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgcfg.dll
Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgklib.dll
Fri Apr 29 13:40:34 2005 => Scanning File C:\WINDOWS\System32\wbem\wbemprox.dll
Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avglng.dll
Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetMgr.exe
Fri Apr 29 13:40:34 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccL30.dll
Fri Apr 29 13:40:35 2005 => Scanning File C:\WINDOWS\system32\DBGHELP.DLL
Fri Apr 29 13:40:35 2005 => Scanning File C:\WINDOWS\system32\IMM32.DLL
Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccVrTrst.dll
Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll
Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\NORTON~1\navapsvc.exe
Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVRT32.DLL
Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\NORTON~1\IWP\NPFMntor.exe
Fri Apr 29 13:40:35 2005 => Scanning File C:\WINDOWS\System32\nvsvc32.exe
Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\ANALOG~1\SoundMAX\SMAgent.exe
Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCSvc.exe
Fri Apr 29 13:40:35 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccSet.dll
Fri Apr 29 13:40:36 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEvt.dll
Fri Apr 29 13:40:36 2005 => Scanning File c:\windows\system32\wiaservc.dll
Fri Apr 29 13:40:36 2005 => Scanning File c:\windows\system32\CFGMGR32.dll
Fri Apr 29 13:40:36 2005 => Scanning File c:\windows\system32\mscms.dll
Fri Apr 29 13:40:36 2005 => Scanning File C:\WINDOWS\System32\actxprxy.dll
Fri Apr 29 13:40:36 2005 => Scanning File C:\WINDOWS\System32\sti.dll
Fri Apr 29 13:40:36 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
Fri Apr 29 13:40:36 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcnet.dll
Fri Apr 29 13:40:36 2005 => Scanning File C:\WINDOWS\System32\wdfmgr.exe
Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtMgr.exe
Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL
Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL
Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL
Fri Apr 29 13:40:37 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVEVENT.DLL
Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\SYSTEM32\SYMNETI.DLL
Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\System32\alg.exe
Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\Explorer.EXE
Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Fri Apr 29 13:40:37 2005 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\MSIMG32.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\PROGRA~1\WINDOW~1\wmpband.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\msutb.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\MSCTF.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\system32\sensapi.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\system32\LINKINFO.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\stobject.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\BatMeter.dll
Fri Apr 29 13:40:38 2005 => Scanning File C:\WINDOWS\System32\unictxdm.dll
Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\WebSrch2.dll
Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\drprov.dll
Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\ntlanman.dll
Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\NETUI0.dll
Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\NETUI1.dll
Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\davclnt.dll
Fri Apr 29 13:40:39 2005 => Scanning File c:\windows\system32\w3ssl.dll
Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\System32\strmfilt.dll
Fri Apr 29 13:40:39 2005 => Scanning File C:\WINDOWS\system32\wscntfy.exe
Fri Apr 29 13:40:39 2005 => Scanning File C:\PROGRA~1\Apoint2K\Apoint.exe
Fri Apr 29 13:40:39 2005 => Scanning File C:\PROGRA~1\Apoint2K\ApResNL.dll
Fri Apr 29 13:40:40 2005 => Scanning File C:\WINDOWS\system32\VXDIF.DLL
Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Apoint2K\Apoint.DLL
Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Apoint2K\EzAuto.dll
Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Apoint2K\EzLaunch.DLL
Fri Apr 29 13:40:40 2005 => Scanning File C:\WINDOWS\AGRSMMSG.exe
Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Java\J2RE14~1.2_~\bin\jusched.exe
Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\Apoint2K\Apntex.exe
Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\QUICKT~1\qttask.exe
Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\HPQ\QUICKL~1\EabServr.exe
Fri Apr 29 13:40:40 2005 => Scanning File C:\PROGRA~1\HPQ\QUICKL~1\CPQINFO.DLL
Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\HEWLET~1\HPSOFT~1\HPWuSchd.exe
Fri Apr 29 13:40:41 2005 => Scanning File C:\WINDOWS\System32\hphmon05.exe
Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccApp.exe
Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL
Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL
Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\NORTON~1\CCIMSCAN.DLL
Fri Apr 29 13:40:41 2005 => Scanning File C:\WINDOWS\system32\ATL71.DLL
Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\NORTON~1\DEFALERT.DLL
Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\NORTON~1\IWP\IWP.DLL
Fri Apr 29 13:40:41 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVAPW32.DLL
Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\apwutil.dll
Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\SAVRT32.DLL
Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVOPTRF.DLL
Fri Apr 29 13:40:42 2005 => Scanning File C:\WINDOWS\system32\SYMREDIR.DLL
Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\STATUSHP.DLL
Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\ccProSub.dll
Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\NETDET~1.DLL
Fri Apr 29 13:40:42 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVTasks.dll
Fri Apr 29 13:40:42 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVError.dll
Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVAPSCR.dll
Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\apwcmdnt.dll
Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\ccAVMail.dll
Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\NAVOpts.dll
Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\N32Exclu.dll
Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\NORTON~1\S32NAVO.DLL
Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\PRODUC~1.DLL
Fri Apr 29 13:40:43 2005 => Scanning File C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.DLL
Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgAbout.dll
Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgCtrl.dll
Fri Apr 29 13:40:44 2005 => Scanning File C:\WINDOWS\system32\MFC71.DLL
Fri Apr 29 13:40:44 2005 => Scanning File C:\WINDOWS\system32\MSVFW32.dll
Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTest.dll
Fri Apr 29 13:40:44 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTMgr.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTRes.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AvgSet.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgf.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\AVGRES.DLL
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgcckrn.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgvault.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgscan.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgunarc.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgrep.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgemsui.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgemcps.dll
Fri Apr 29 13:40:45 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\libsasl.dll
Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\saslcrammd5.dll
Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\sasldigestmd5.dll
Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\sasllogin.dll
Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\saslplain.dll
Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\Grisoft\AVGFRE~1\avgmail.dll
Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\System32\WebSrch2.exe
Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Fri Apr 29 13:40:46 2005 => Scanning File C:\PROGRA~1\INTERM~1\SPYSUB~1\SpySub.exe
Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\oledlg.dll
Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\OLEACC.dll
Fri Apr 29 13:40:46 2005 => Scanning File c:\PROGRA~1\INTERM~1\SPYSUB~1\en-us.dll
Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\RICHED32.DLL
Fri Apr 29 13:40:46 2005 => Scanning File C:\WINDOWS\system32\RICHED20.dll
Fri Apr 29 13:40:47 2005 => Scanning File c:\PROGRA~1\INTERM~1\SPYSUB~1\ssengine.dll
Fri Apr 29 13:40:47 2005 => Scanning File C:\WINDOWS\System32\shdoclc.dll
Fri Apr 29 13:40:47 2005 => Scanning File C:\WINDOWS\System32\mshtml.dll
Fri Apr 29 13:40:47 2005 => Scanning File C:\WINDOWS\System32\msls31.dll
Fri Apr 29 13:40:48 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\ado\msado15.dll
Fri Apr 29 13:40:48 2005 => Scanning File C:\WINDOWS\system32\MSDART.DLL
Fri Apr 29 13:40:48 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
Fri Apr 29 13:40:48 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\OLEDB32R.DLL
Fri Apr 29 13:40:48 2005 => Scanning File C:\WINDOWS\System32\msjetoledb40.dll
Fri Apr 29 13:40:48 2005 => Scanning File C:\WINDOWS\System32\msjet40.dll
Fri Apr 29 13:40:48 2005 => Scanning File C:\WINDOWS\System32\mswstr10.dll
Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\System32\msjter40.dll
Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\System32\MSJINT40.DLL
Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\System32\msjtes40.dll
Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\system32\VBAJET32.DLL
Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\system32\expsrv.dll
Fri Apr 29 13:40:49 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\ado\msadrh15.dll
Fri Apr 29 13:40:49 2005 => Scanning File C:\WINDOWS\System32\msimtf.dll
Fri Apr 29 13:40:49 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\scrauth.dll
Fri Apr 29 13:40:49 2005 => Scanning File C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\ScrBlock.dll
Fri Apr 29 13:40:49 2005 => Scanning File c:\windows\system32\jscript.dll
Fri Apr 29 13:40:49 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\mwavscan.com
Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\msvlclnt.dll
Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssdi.dll
Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssd.dll
Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavssi.dll
Fri Apr 29 13:40:50 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\ipc.dll
Fri Apr 29 13:40:51 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\RICHED32.DLL
Fri Apr 29 13:40:51 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\PSAPI.DLL
Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL
Fri Apr 29 13:40:51 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.exe
Fri Apr 29 13:40:51 2005 => Scanning File C:\DOCUME~1\boom\LOCALS~1\Temp\kavss.dll
Fri Apr 29 13:40:51 2005 => ***** Scanning Registry Files *****
Fri Apr 29 13:40:51 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Apr 29 13:40:51 2005 => Scanning File C:\WINDOWS\System32\stobject.dll
Fri Apr 29 13:40:52 2005 => Scanning File C:\WINDOWS\System32\unictxdm.dll
Fri Apr 29 13:40:52 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Fri Apr 29 13:40:52 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension
Fri Apr 29 13:40:52 2005 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Fri Apr 29 13:40:52 2005 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll
Fri Apr 29 13:40:52 2005 => Scanning File c:\PROGRA~1\google\GOOGLE~2.DLL
Fri Apr 29 13:40:52 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Fri Apr 29 13:40:52 2005 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
Fri Apr 29 13:40:52 2005 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL
Fri Apr 29 13:40:52 2005 => {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} = C:\WINDOWS\MICROS~1.NET\imginfo.dll
Fri Apr 29 13:40:52 2005 => Scanning File C:\WINDOWS\MICROS~1.NET\imginfo.dll
Fri Apr 29 13:40:52 2005 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Fri Apr 29 13:40:52 2005 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Fri Apr 29 13:40:53 2005 => {8E13DDE1-E013-47ec-9C4C-27C2F78BDD26} = C:\WINDOWS\System32\req.dll
Fri Apr 29 13:40:53 2005 => ERROR!!! Invalid Entry = C:\WINDOWS\System32\req.dll (in key Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{8E13DDE1-E013-47ec-9C4C-27C2F78BDD26}). Removing it.
Fri Apr 29 13:40:53 2005 => {AA58ED58-01DD-4d91-8333-CF10577473F7} = c:\program files\google\googletoolbar2.dll
Fri Apr 29 13:40:53 2005 => Scanning File c:\PROGRA~1\google\GOOGLE~2.DLL
Fri Apr 29 13:40:53 2005 => {BDF3E430-B101-42AD-A544-FADC6B084872} = C:\Program Files\Norton AntiVirus\NavShExt.dll
Fri Apr 29 13:40:53 2005 => Scanning File C:\PROGRA~1\NORTON~1\NavShExt.dll
Fri Apr 29 13:40:53 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:53 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Fri Apr 29 13:40:53 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\docprop.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\deskadp.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\deskmon.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\dssec.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\shscrap.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Fri Apr 29 13:40:54 2005 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\System32\icmui.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\printui.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\syncui.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\System32\hticons.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\fontext.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Fri Apr 29 13:40:55 2005 => Scanning File C:\WINDOWS\system32\deskperf.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\remotepg.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\wshext.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\PROGRA~1\COMMON~1\System\OLEDB~1\oledb32.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Apr 29 13:40:56 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Fri Apr 29 13:40:57 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Fri Apr 29 13:40: - Had even geen rekening gehouden dat het log zo groot zou worden.
Download Hoster
Pak het uit en start het programma.
Kies "Restore Original Hosts" en druk op "OK".
Sluit het programma af.
Plaats Hijackthis in een aparte map.
Start Hijackthis op en kies voor 'Do a system scan only'
Selecteer alleen de items die hieronder zijn genoemd:
[b:3fd5069711]O4 - HKLM\..\Run: [WebSearch] C:\WINDOWS\System32\WebSrch2.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c11.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697517} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_aac.cab
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} - http://dialxs.nl/install/dialxs.ocx
O20 - Winlogon Notify: req - C:\WINDOWS\System32\req.dll (file missing)
[/b:3fd5069711]Klik op 'Fix checked' om de items te verwijderen
Verwijder het volgende bestand:
[b:3fd5069711]C:\WINDOWS\System32\WebSrch2.exe[/b:3fd5069711]
Download dialxs_remove.zip pak het uit op je bureablad.
Dubbelklik klik op dialxs_remove.reg en laat de wijzigingen aan het register toevoegen.
Het bestand mag daarna weer worden verwijderd.
Over de volgende items ben in niet zeker:
O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\MICROS~1.NET\imginfo.dll
O20 - Winlogon Notify: imginfo - C:\WINDOWS\MICROS~1.NET\imginfo.dll
O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll
Die laat ik nog even staan, mogelijk dat M@rc hier nog een antwoord op heeft.
Maak de Temp-map leeg: Start -> Uitvoeren tik in: %TEMP%
Selecteer alle bestanden en verwijder deze.
Post een nieuw log van hijackthis en vertel of de PC nu beter is geworden. - Logfile of HijackThis v1.99.1
Scan saved at 18:22:54, on 29-4-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\WebSrch2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Program Files\Hitman Pro\hitmanpro2.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Documents and Settings\boom\Bureaublad\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.computertotaal.nl/phpBB/viewtopic.php?p=966351
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\MICROS~1.NET\imginfo.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=Q304&bd=presario&pf=laptop
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E2D6932-3885-4FA2-8DD4-DB63FFE33797} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkCnv.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O20 - Winlogon Notify: imginfo - C:\WINDOWS\MICROS~1.NET\imginfo.dll
O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
[b:cb0f3f10d1]Verscheidene files kon ik niet verwijderen, die waren in gebruik zei ie.[/b:cb0f3f10d1]
van het originele probleem heb ik nog steeds last - [quote:a99b37bdf7]Verscheidene files kon ik niet verwijderen, die waren in gebruik zei ie[/quote:a99b37bdf7]Ik neem aan dat het dan om bestanden in de Temp-directory ging.
Die kunnen in de veilige mode worden verwijderd.
Kijk hier hoe dat moet.
Herstart de PC dus in Veilige mode.
De volgende regel mag nog worden gefixed:
[b:a99b37bdf7]O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll[/b:a99b37bdf7]
Verwijder daarna het volgende bestand:
[b:a99b37bdf7]C:\WINDOWS\System32\WebSrch2.exe
C:\WINDOWS\System32\unictxdm.dll[/b:a99b37bdf7]
Maak de Temp-directory leeg
Kijk ook of de volgende bestanden op je PC staan:
DMCICAAA.DLL
MSNET64.DLL
Die mogen dan ook worden verwijderd.
Herstart de PC in normale mode.
Download Silent Runners
Unzip het naar een eigen map.
Start SilentRunners.vbs
Wanneer je antivirusprogramma een melding geeft, sta je toe om dit script uit te voeren.
Er wordt een logje geplaatst in de map van waar je Silentrunners gestart hebt. Post de inhoud van dit logje. - Kan je me dit bestand even zippen en mailen: C:\WINDOWS\MICROS~1.NET\[b:6c6230f67b]imginfo.dll[/b:6c6230f67b]
Mailto: marckie[b:6c6230f67b]AT[/b:6c6230f67b]bleumedicine.be ([b:6c6230f67b]AT[/b:6c6230f67b] vervang je door [b:6c6230f67b]@[/b:6c6230f67b]) - Als je me dat bestandje gemaild heb doe je het volgende:
(print deze instructies uit of sla ze op in tekstbestandje op je bureaublad)
Als je de progjes hebt verbreek je de verbinding met het internet.
Download en unzip Process Explorer: http://www.sysinternals.com/files/procexpnt.zip
Download Pocket Killbox: http://www.atribune.org/downloads/KillBox.exe
Unzip Process explorer en klik op procexp.exe.
In het bovenste venster dubbelklik je op winlogon.exe.
Nu opent het venster Eigenschappen van winlogon.exe.
Klik op de tab “Threads”.
In het venster dat verschijnt, zoek je naar [b:46be766f70]imginfo.dll[/b:46be766f70]. Dit kan meerdere keren voorkomen.
Selecteer deze en klik vervolgens op de knop “Kill”. (Doe dit voor elke verwijzing naar
[b:46be766f70]imginfo.dll[/b:46be766f70])
Wanneer je ze allemaal 'gekilled' hebt, klik je op "OK".
Dubbelklik op explorer.exe, ga naar het tabblad “Threads”, en zoek hier ook alle verwijzingen naar [b:46be766f70]imginfo.dll[/b:46be766f70].
Selecteer één voor één de verwijzingen naar [b:46be766f70]imginfo.dll[/b:46be766f70] en klik op de knop “Kill”.
Als dit klaar is klik je op “OK”.
Start Hijackthis en fix de volgende sleutels:
[b:46be766f70]O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\MICROS~1.NET\imginfo.dll
O20 - Winlogon Notify: imginfo - C:\WINDOWS\MICROS~1.NET\imginfo.dll
O21 - SSODL: NTDBGTOOL - {55D00E05-F65B-4882-9DAE-251A3723B779} - C:\WINDOWS\System32\unictxdm.dll
[/b:46be766f70]
Open een klablokbestand.
Kopieer onderstaande in dit kladblokbestand.
Ga naar Bestand - Opslaan als.
Bij "Opslaan in" kies je: Bureaublad
Bij "Bestandsnaam" zet je: fix.reg
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan.
[code:1:46be766f70]REGEDIT4
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}]
[-HKEY_CLASSES_ROOT\CLSID\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}]
[-HKEY_CLASSES_ROOT\MSEvents.MSEvents]
[-HKEY_CLASSES_ROOT\MSEvents.MSEvents.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents.1][/code:1:46be766f70]
Dubbelklik op de fix.reg file en laat de wijzigingen aan het register oevoegen.
Start Killbox.exe
Selecteer de optie “Delete on reboot”.
In het veld “Full path of file to delete" Kopieer en plak je het volgende:
[code:1:46be766f70]C:\WINDOWS\MICROS~1.NET\imginfo.dll[/code:1:46be766f70]
Klik op de knop met de rode cirkel en het witte kruis.
Wanneer het programma vraagt om nu te rebooten, geef je hier toestemming voor. Klik op de knop "YES".
Maak een nieuwe Hijackthislog en post deze. - ik ga er morgenavond even naar kijken!
alvast hartelijk bedankt!
Beantwoord deze vraag
Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.